package com.shetuan.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * 权限过滤器
 * @author Administrator
 */
public class PermissionFilter implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {

        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;

        // 获取项目根路径 (Context Path)，例如 /shetuan
        String contextPath = req.getContextPath();

        // 获取请求的URI
        String requestURI = req.getRequestURI(); // 例如: /shetuan/admin/main.jsp

        // 获取相对于应用的路径 (去掉 Context Path 的部分)
        String path = requestURI.substring(contextPath.length()); // 例如: /admin/main.jsp 或 /login.jsp

        String lruParam = req.getParameter("lru");

        // 获取session
        HttpSession session = req.getSession();
        Object login = session.getAttribute("login");

        // ===== 白名单：放行静态资源 =====
        // 否则, 登录页的CSS和JS也会被拦截，导致页面样式错乱
        if (path.startsWith("/js/") || path.startsWith("/css/") || path.startsWith("/images/")
                || path.startsWith("/fonts/") || path.startsWith("/admin/js/")
                || path.startsWith("/admin/css/") || path.startsWith("/admin/admin_image/")) {
            chain.doFilter(req, resp);
            return; // 必须 return
        }

        // ===== 白名单：放行无需登录的页面 =====
        if (path.equals("/login.jsp") || path.equals("/admin_login.jsp")
                || path.equals("/index.jsp") || path.equals("/regist.jsp")
                || path.equals("/Login") || path.equals("/Regist")
                || path.contains("/info/community_info") || path.contains("/info/activityDetil")
                || path.contains("info/notice_info.jsp")) // 登录和注册Servlet
        {
            chain.doFilter(req, resp);
            return; // 必须 return
        }

        if ("/admin/Query".equals(path) && lruParam != null) {
            if ("clist1".equals(lruParam) || "alist1".equals(lruParam)
                    || "clist2".equals(lruParam) || "alist2".equals(lruParam)
                    || "nlist1".equals(lruParam) || "nlist2".equals(lruParam)) {
                chain.doFilter(req, resp);
                return;
            }
        }

        // ===== 权限拦截逻辑 =====

        // 检查是否登录
        if (login == null) {
            // 未登录
            if(path.contains("/admin")) {
                // 如果访问的是admin后台页面
                req.getSession().setAttribute("admin_msg", "您尚未登录！请先登录");
                resp.sendRedirect(contextPath + "/admin_login.jsp");
            } else {
                // 如果访问的是其他前台页面
                req.getSession().setAttribute("msg", 1); // 1 可能代表 "请先登录"
                resp.sendRedirect(contextPath + "/index.jsp");
            }
        } else {
            // 已登录，放行
            chain.doFilter(req, resp);
        }
    }

    @Override
    public void destroy() {
    }
}